Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          g6Xt4jAPuAx1G0aGFr5BCBM5ttaP1y7PO/yW3LpbDaU=
Subject key identifier:   07:D4:B3:A2:2F:88:8E:FC:39:90:EC:58:59:3B:C5:99:58:F8:6B:9D
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019653EE985F7DF77A5218AFE75563A97696
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0CEC
Signing time:             Sun 20 Apr 2025 16:01:07 +0000
Manifest this update:     Sun 20 Apr 2025 16:01:07 +0000
Manifest next update:     Mon 21 Apr 2025 16:01:07 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: 7xKfcW1X7i5/IHssHhQCYYP+lbyC1jrlNyqcJLTmIsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:98:5f:7d:f7:7a:52:18:af:e7:55:63:a9:76:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Apr 20 16:01:07 2025 GMT
            Not After : Apr 21 16:01:07 2025 GMT
        Subject: CN=07d4b3a22f888efc3990ec58593bc59958f86b9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fd:e5:b7:a2:73:d4:ed:bc:68:f2:19:c1:fc:
                    b5:50:b7:5f:5c:5d:f5:69:5a:e3:5a:f5:37:3f:7d:
                    26:ee:7a:c2:d1:26:e7:86:e4:95:7e:79:c7:a6:fc:
                    94:7f:cc:13:a6:b1:23:b8:70:6d:61:97:86:af:a5:
                    ea:c7:e7:80:00:41:48:91:10:a0:b0:58:8b:57:58:
                    a2:72:31:79:b8:36:bf:7c:6d:b9:e9:9b:e1:0e:bf:
                    21:78:2e:5b:db:95:40:18:80:4e:31:7f:99:f5:2a:
                    f2:ce:b1:7d:bc:33:d8:58:ce:bd:ed:93:c5:f4:7f:
                    89:dc:cb:fa:4d:0c:61:b6:c6:1e:97:c2:a2:a1:36:
                    22:5c:49:75:0b:99:38:52:b1:15:d8:28:3a:89:4d:
                    c4:86:d2:2a:84:af:8f:c5:f0:5f:7a:ac:91:4b:21:
                    97:06:a7:82:6b:bd:65:14:de:41:92:ee:4b:bd:c8:
                    b9:2d:a4:48:c9:f5:01:1e:54:81:8c:76:fc:93:61:
                    26:d1:0e:0a:91:bc:65:92:f1:54:38:ab:65:2a:d3:
                    22:68:bf:cb:47:b5:f7:2c:ff:99:cb:23:c7:65:ac:
                    89:49:8a:bb:dc:7f:bd:ce:80:ce:d8:15:31:08:d8:
                    a3:64:eb:2e:9a:77:1d:90:4b:74:35:ef:32:04:4b:
                    16:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:D4:B3:A2:2F:88:8E:FC:39:90:EC:58:59:3B:C5:99:58:F8:6B:9D
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:1a:3b:65:f6:7a:c0:67:e7:e9:49:19:94:95:2b:69:68:fb:
         30:1f:bf:8c:9a:dc:24:84:02:bf:30:65:2d:bc:d2:c5:d5:99:
         d0:79:46:b1:c2:22:bd:2c:ae:0a:97:14:83:78:c0:a9:ca:56:
         ca:cb:1d:6c:27:ba:38:46:50:e6:e1:01:1f:88:29:e8:64:ed:
         bc:6a:6e:28:60:3c:3a:af:52:67:11:f8:1c:70:07:93:ba:a2:
         4b:ef:94:85:b5:98:b1:96:bd:e2:d1:d2:2f:e0:37:63:d5:a4:
         3d:7a:bd:de:d3:31:30:ee:89:f5:cd:11:6c:c4:5f:34:95:d6:
         60:70:d0:01:15:e0:6b:ab:fd:88:61:3e:51:57:40:71:3a:db:
         67:ff:9f:e6:ec:6f:9e:34:60:2a:d8:24:14:cb:4b:7d:12:e1:
         a5:9f:42:38:16:f0:b0:ec:d2:c9:24:9c:9a:6e:be:5d:3e:bf:
         fc:d8:2e:9f:0b:26:28:24:4e:6c:6e:ce:db:5d:49:ac:b8:07:
         50:d4:da:41:4d:a9:c1:92:24:f7:cc:3e:7a:7a:e0:cc:a7:2d:
         32:5d:2a:1b:bf:77:47:2a:d8:ed:04:1d:65:c6:79:1d:5d:5c:
         c3:91:30:42:3d:7f:93:96:d1:94:d2:7c:bc:c9:be:9a:c9:12:
         69:56:be:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7phfffd6Uhiv51VjqXaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwNDIwMTYwMTA3WhcNMjUwNDIxMTYwMTA3WjAzMTEwLwYDVQQD
EygwN2Q0YjNhMjJmODg4ZWZjMzk5MGVjNTg1OTNiYzU5OTU4Zjg2YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP3lt6Jz1O28aPIZwfy1ULdfXF31
aVrjWvU3P30m7nrC0SbnhuSVfnnHpvyUf8wTprEjuHBtYZeGr6Xqx+eAAEFIkRCg
sFiLV1iicjF5uDa/fG256ZvhDr8heC5b25VAGIBOMX+Z9SryzrF9vDPYWM697ZPF
9H+J3Mv6TQxhtsYel8KioTYiXEl1C5k4UrEV2Cg6iU3EhtIqhK+PxfBfeqyRSyGX
BqeCa71lFN5Bku5Lvci5LaRIyfUBHlSBjHb8k2Em0Q4KkbxlkvFUOKtlKtMiaL/L
R7X3LP+ZyyPHZayJSYq73H+9zoDO2BUxCNijZOsumncdkEt0Ne8yBEsWPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfUs6IviI78OZDsWFk7xZlY+GudMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwRo7ZfZ6
wGfn6UkZlJUraWj7MB+/jJrcJIQCvzBlLbzSxdWZ0HlGscIivSyuCpcUg3jAqcpW
yssdbCe6OEZQ5uEBH4gp6GTtvGpuKGA8Oq9SZxH4HHAHk7qiS++UhbWYsZa94tHS
L+A3Y9WkPXq93tMxMO6J9c0RbMRfNJXWYHDQARXga6v9iGE+UVdAcTrbZ/+f5uxv
njRgKtgkFMtLfRLhpZ9COBbwsOzSySScmm6+XT6//NgunwsmKCRObG7O211JrLgH
UNTaQU2pwZIk98w+enrgzKctMl0qG793RyrY7QQdZcZ5HV1cw5EwQj1/k5bRlNJ8
vMm+mskSaVa+JA==
-----END CERTIFICATE-----